summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2013-11-14 23:16:43 +0100
committerMatthias Schiffer <mschiffer@universe-factory.net>2013-11-14 23:16:43 +0100
commitbef39b72834173e969efc6cee10145300a3af94c (patch)
treedb967f3089ce21322d8a7beb1ae2badf67c82176
parentb05b3f32354f7fe9cefee74ea18020fd8069bc10 (diff)
downloadfastd-bef39b72834173e969efc6cee10145300a3af94c.tar
fastd-bef39b72834173e969efc6cee10145300a3af94c.zip
Ensure sessions are invalidated before the nonce wraps
While it isn't realistic for the nonce to wrap in less than one hour, it's better to check for this.
-rw-r--r--src/methods/common.h11
1 files changed, 10 insertions, 1 deletions
diff --git a/src/methods/common.h b/src/methods/common.h
index 0769a6c..6be32e9 100644
--- a/src/methods/common.h
+++ b/src/methods/common.h
@@ -51,6 +51,9 @@ bool fastd_method_reorder_check(fastd_context_t *ctx, fastd_peer_t *peer, fastd_
static inline bool fastd_method_session_common_is_valid(fastd_context_t *ctx, const fastd_method_common_t *session) {
+ if (session->send_nonce[COMMON_NONCEBYTES-1] == 0xff && session->send_nonce[COMMON_NONCEBYTES-2] == 0xff)
+ return false;
+
return (timespec_after(&session->valid_till, &ctx->now));
}
@@ -59,7 +62,13 @@ static inline bool fastd_method_session_common_is_initiator(const fastd_method_c
}
static inline bool fastd_method_session_common_want_refresh(fastd_context_t *ctx, const fastd_method_common_t *session) {
- return fastd_method_session_common_is_initiator(session) && timespec_after(&ctx->now, &session->refresh_after);
+ if (session->send_nonce[COMMON_NONCEBYTES-1] == 0xff)
+ return true;
+
+ if (fastd_method_session_common_is_initiator(session) && timespec_after(&ctx->now, &session->refresh_after))
+ return true;
+
+ return false;
}
static inline void fastd_method_session_common_superseded(fastd_context_t *ctx, fastd_method_common_t *session) {